class HomeController < ApplicationController

  require_role 'admin', :for => :showProfilesToAdmin
  ssl_required :edit, :showProfilesToAdmin



  def index


    if is_editor?
      redirect_to :controller => :content, :action => :showArticleApproval
    end



  end

  def edit

    @title = "Edit user info"
    @user = current_user
    if param_posted?(:user)
      attribute = params[:attribute]
      case attribute
        when "details"
          if @user.update_attributes( params[:user] )
            flash[:notice] = "User details updated."
            redirect_to :action => "index"
          end
        when "password"
          if @user.update_password(params[:user])
            flash[:notice] = "User password updated."
            redirect_to :action => "index"
          else
            flash[:notice] = "Unable to update password."
          end
      end
      params[:user].delete "password"
      params[:user].delete "current_password"
      params[:user].delete "password_confirmation"
    end
    # For security purposes, never fill in password fields.
    current_user.clear_password!

  end
  def showProfilesToAdmin
    @title = "User Info"
    if params[:login]
      @user = User.find_by_login params[:login]
    end
  end
end
